Nginx Question posted in
The official documentation can be found here.

AADSTS90102 error when using django-microsoft-auth for SSO with Azure AD – Nginx

I followed the steps in this tutorial to enable SSO with Azure Active Directory for the admin portion (to start) of my Django app:
https://django-microsoft-auth.readthedocs.io/en/latest/usage.html

Navigating to /admin yields this page, which is good:
enter image description here

Clicking Microsoft brings up this new window:
enter image description here

The important error seems to be:
AADSTS90102: ‘redirect_uri’ value must be a valid absolute URI.

In this window, I used the browser console and found that a GET request was being made like this:

https://login.microsoftonline.com/50ce...90ac7/oauth2/v2.0/authorize?response_type=code&client_id=f4...27&redirect_uri=https,https://example.org/microsoft/auth-callback/&s...

Note the redirect_uri=https,https://.... It seems like that leading "https," is superfluous and is causing the problem. Any ideas where that could be coming from?

In my Azure app, the redirect URI is set to https://example.org/microsoft/auth-callback/:
enter image description here

I’m using Python 3.9.6, Django 3.2, django-microsoft-auth 2.4.0, NGINX 1.18.0, uvicorn 0.14.0

I’ve searched for help on this and haven’t found anything relevant to my situation. Thanks in advance!

Tags:

3

Answers


  1. 0

    Based on the SO Thread Reference.

    Use http as the redirect URI instead of https to resolve the issue in most cases.

    use

    http://localhost:8080/microsoft/auth-callback/

    Instead of

    https://localhost:8080/microsoft/auth-callback/

    If there is a option,

    Use localhost:8080 into the table django_site

    Reference SO Thread: django-microsoft-auth : The provided value for the input parameter 'redirect_uri' is not valid

    Login or Signup to reply.
  2. 0

    As you think, the first https is superfluous, you just need to delete it.

    https://login.microsoftonline.com/50ce...90ac7/oauth2/v2.0/authorize?response_type=code&client_id=f4...27&redirect_uri=https://example.org/microsoft/auth-callback/&s...

    By the way, I think there is no problem with the redirect_uri you set in the Azure portal.

    Login or Signup to reply.
  3. 0

    I guess it is a problem of the redirecting URL. The example URL is coming from django site table. So first of all you need to enable the site:

    #in settings.py
SITE_ID = 1

    Afterwards you can go to the admin interface and set the url of the site to the correct domain. From my experience I know that it won’t work without that.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search